This article goes over how to adjust the settings for your Approvals solution, add approvers, and manage approval webhooks. The Approvals solution allows you to create approval workflows for your forms. Workflows require form submissions to be reviewed by a specified approver before any approval events are triggered.
Important Notes
An approver must be added to the Approvals solution before they can be used in approval flows.
Users added as approvers will only have access to the Approvals solution. To give them access to other areas of your instance, they will need to be added as Team Members.
Configure Your Approvals
Navigate to the Approvals tab
Configure settings on the Summary tab
Details: The title and tagline of your application that will be displayed when opening your app, as well as the link to open your Approvals Applet
Email Sending: This is the email address that will be used to send emails to your approvers
Advanced Styling: Customize the CSS code for your app
Color Theme: This allows you to customize the Primary and Accent colors for your application
Notifications: Enter the email addresses that should be sent notifications if any webhooks fail
Logo: Upload an image to use for the Approvals application
Note: The image should be 512 pixels in size.
Developer Keys: Assign Developer Keys to Approval Groups, giving them the same permissions that an approver would have.
Click Save to save any changes
Navigate to the Approvers tab
Select the + icon in the bottom right corner to add approvers
Note: An approver must be added to this list before they can be used in your approval flows.
Fill out details for the new app user
Email Address: Enter the user's email address
Groups: Add the user to the applicable approval group(s) that will then be used when creating approval workflows on a form. Approval workflows are only set at the group level and will apply to all users within that group.
Group Manager: Check if the user should be able to view and edit all approvals for their assigned groups on the Administration side of Approvals
Administrator: Check if the user should have full administrator access to all approvals
Click Save
Once added, your approvers will receive an email invitation with instructions on how to log in or create an account.
To edit an existing approver's groups, select the pencil icon next to the user
Adjust the groups as needed and click Save
The updated groups will show as tags next to the user
Note: Groups can then be assigned to Approval Workflows on a form.
Approvers who are part of a group that has been assigned to a workflow will receive an email letting them know when a new approval has been created. From this email, they can access the approval directly or access the list from the Approvals screen.
(Optional) SAML Integration with Approvals
Approvers can also authenticate using a SAML provider such as Entra ID (formerly Active Directory) and Auth0.
SAML Groups
Once SAML is turned on, you will need to configure your Groups. Please note that your existing groups will not carry over as SAML groups so these will need to be reconfigured if you have existing flows that are using the same group name.
On the Approvers tab, click Edit Groups
Add your groups and optional notification email addresses
Group Name: This is the name of your group, which will be displayed when selecting the group to assign an approval step to.
Notification Email Addresses: You must add at least one notification email address, which will be notified when new approvals are assigned to the group.
Group Manager & Administrator: When using SAML authentication, you can use the out-of-the-box group manager (oneblink:manager) and administrator claims (oneblink:administrator). Alternatively, you can grant those same permissions to any SAML group by checking the corresponding box.
Once your Groups are configured you will need to follow the steps on the screen to configure your Entra ID (formerly Active Directory) or Auth0 integration.
SAML Groups Mapping
When using SAML to authenticate your approvals users, you will need to ensure that the SAML claims include a "groups" claim. This will need to be a comma-separated string including all of the groups the user has access to. In the example below, using Entra ID, the "groups" claim is mapped to the "user.department" attribute.
In the "user.deparment attribute" a comma-separated string is included that matches the group names configured within theconsole "support,reviewer,oneblink:adminisrator". The oneblink:administrator group is also included to ensure the user has access to the administrator privilages.
